4
How can I monitor an EXE file when it is running to see what URL it is connecting to? I assume there must be free software out there that can do this fairly easily?
4
How can I monitor an EXE file when it is running to see what URL it is connecting to? I assume there must be free software out there that can do this fairly easily?
11
For in depth analysis, Wireshark is your best bet as Phoshi has already mentioned. For a quick look at the URL, you can use netstat
from the command line, or TCPView.
C:\Documents and Settings\Administrator>netstat -b
Active Connections
Proto Local Address Foreign Address State PID
TCP john:1969 85.65.97.58.dynamic.barak-online.net:27645
[deluged.exe]
TCP john:1604 vx-in-f100.1e100.net:http ESTABLISHED 2904
[firefox.exe]
TCP john:1716 79-114-229-43:60126 ESTABLISHED 732
[deluged.exe]
+1 didn't know about console netstat – whitequark – 2010-01-26T19:30:07.593
7
Try Wireshark - it's just about the best out there.
+1 for Wireshark as well :) – Glen Y. – 2010-01-26T19:47:10.923
0
If you want just the "URL" part, SmartSniff is one of the easiest tools. It can be used as a generic packet sniffer too.
0
Out of the box I believe you can also find this out with netstat
command. But I don't know for sure anymore because I am not running windows(only when really necessary) anymore.
0
Try Fiddler. It's a proxy for doze, which registers itself as the system proxy. If your application uses the system proxy (it might bypass it) then its requests will be intercepted by Fiddler when it's running.
Any firewall that monitors outgoing traffic should tell you. Set the firewall running, then start the program. It's request should be logged and then you can find the URL. – ChrisF – 2010-01-26T20:06:54.280